The loosely organized hacktivist collective Thursday declared war -- or at least inconvenience -- on financial services businesses in a call to arms against "the crimes of Goldman Sachs and other firms" for their role in contributing to the mortgage crisis, amongst other alleged misdeeds.

"It should be the duty of any Anonymous, any hacker, in solidarity with Occupy, to release the Dox on the CEOs & any and all Executives of Goldman Sachs, AIG, Wells Fargo, Chase, Meryl Lynch, and any other guilty party," it wrote, referring to releasing (doxing) stolen data. "Their dox, any and all possible personal information on these people, must be released and made public and spread across the internet as much as possible. The people who have lost their homes and had their lives destroyed deserve to know who it was that did it."

The new statement from Anonymous struck a populist note, referencing widespread bankruptcies triggered by the mortgage crisis, bank employees' bonuses and the poor treatment of Internet activist Aaron Swartz. But it was also personal, calling out Bank of America for its "pathetic assault on Anonymous' methods," referring to what it first alleged Monday was a campaign funded by Bank of America to spy on Anonymous and Occupy members.

The so-called Anonymous Intelligence Agency Par:AnoIA bolstered those claims Wednesday by publishing what it described as "a total of 14GB data, code and software that is related to Bank of America, Bloomberg, Thomson Reuters, TEKSystems and ClearForest."

"Looking at the data it becomes clear that Bank of America, TEKSystems and others ... gathered information on Anonymous and other activists' movement on various social media platforms and public Internet Relay Chat (IRC) channels," according to a statement posted on the Par:AnoIA site. It said the data dump included "a full version of ClearForest's text analyzing software OneCalais," emails between Bank of America and a subcontractor it hired to monitor Anonymous, as well as source code for what appeared to be Bank of America software.

The dumped data and files were reportedly retrieved from an unsecured server located in Tel Aviv, Israel, which also included a full version of OneCalais. "The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs," according to Par:AnoIA.

In its statement, Par:AnoIA also noted that 4.8 GB of that data included "detailed career and salary information of hundred of thousands of executives and employees from various corporations all around the world." It said the file was tagged with "reuterscompanycontent" -- which seems to indicate that it came from Thomson Reuters -- although stored in a file named "Bloomberg." "What it was doing on the Israeli server is up to anyone's guess," said Par:AnoIA.

After the 14 GB of data was released, word quickly spread via Twitter that the published software included code designed to infect targeted PCs. "WARNING: The #Anonymous #BOA files include #TROJAN scripts and programs that 'call home' to #ClearForest and #OneCalais," according to a tweet from the OneCalais Twitter account, which broadcast its first tweet on Wednesday.

Bank of America confirmed that data from the bank -- including emails -- had been released by Anonymous, but blamed the underlying data breach on its contractor. "In this instance, a third-party company was compromised," according to a statement issued Wednesday by the bank. "This company was working on a pilot program for monitoring publicly available information to identify information security threats."

Interestingly, a subsequent Twitter post from Anonymous said, "The employees of the 'other company' (@TEKsystems) Bank of America is blaming were all using http://bankofamerica.com e-mail addresses."

But news that Bank of America was spying on members of Anonymous and Occupy seemed to trigger widespread hacktivist outrage. "Hi we were wondering if you'd advise on how to hire incompetent ex-military spook goons to spy on private citizens. Expensive?" read a tweet to the Bank of America's customer support account on Twitter, sent by the Anonymous Operation Last Resort Twitter account.

Published: 2015-03-31The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.